Do Not Call Registry & Your Business

Starting from 2 January 2014, the Do Not Call (DNC) provisions under the Personal Data Protection Act 2012 (PDPA) generally prohibits organisations from sending certain marketing messages (in the form of voice calls, text or fax messages) to Singapore telephone numbers, including mobile, fixed-line, residential and business numbers, registered with the DNC Registry.

Such marketing messages generally have one or more of the following purposes:

Offer to supply, advertise or promote goods or services;

Advertise/promote suppliers or prospective suppliers of goods or services; or

Supply/advertise/promote land, interests in land or business/investment opportunities.

Whether your organisation is directly sending such marketing messages, causing the message to be sent or authorising another organisation to do so, your organisation has to ensure that such messages are not sent to Singapore telephone numbers registered with the DNC Registry.

In the event of a potential breach, the PDPC will rely on the authentic results list(s) generated by the DNC Registry in its investigations.

Check with the DNC Registry, unless you have the recipients’ clear and unambiguous consent in written or other accessible form for sending the marketing message to the Singapore telephone number.

Your organisation may also send a text or fax message (but not voice call) on related products, services and memberships to individuals with whom you have an ongoing relationship (a series of one-off transactions does not constitute an ongoing relationship), without the need to check the DNC Registry. In your message, you are required to provide information on how individuals can opt out of such messages using the same medium by which the message is sent. Upon receiving an individual’s opt-out request, you may no longer rely on the exemption and must stop sending such messages to that individual's telephone number 30 days after the opt-out. Please refer to the Personal Data Protection (Exemption from Section 43) Order 2013 for more information.

If your organisation is sending a text or fax message, include clear and accurate information identifying your organisation as well as contact details within the message. This allows the recipient to contact you for clarifications, if necessary.

If your organisation is making a voice call, ensure that the calling identity, or phone number from which the message is sent out from, is not concealed.

The DNC Registry, however, does not cover messages sent for other purposes, such as service calls or reminder messages sent by organisations to render services bought by the individual. Messages for pure market survey or research and those that promote charitable or religious causes are also not covered under the DNC provisions. Telemarketing calls or messages of a commercial nature that target businesses are also excluded from the DNC Registry rules. For the list of messages that are excluded under the PDPA, please refer to the Eighth Schedule of the PDPA.

An organisation that sends any specified message must ensure compliance with the DNC provisions, including the applicable regulations relating to the DNC Registry. In particular, under the DNC provisions, an organisation that sends a specified message addressed to a Singapore telephone number registered with the DNC Registry is guilty of an offence (unless clear and unambiguous consent in written or other accessible form had been given by the user/subscriber).

Please note that any third-party service providers offering services relating to the DNC Registry and/or checking facilities bearing similar names to the PDPC or DNC Registry are not associated with, endorsed or approved by the PDPC. Organisations that wish to register for a DNC Registry account with the PDPC should do so through our website at www.dnc.gov.sg. Individuals registering their numbers on the DNC Registry should also only do so at www.dnc.gov.sg or through PDPC’s official SMS and Toll Free numbers.

If your organisation intends to engage a third-party to check the DNC Registry on its behalf, it should consider how best to address the risks involved, with the assistance of professional advisors (where necessary). This could include, for example, entering into a written contract for such engagements where the roles and responsibilities of each party (as between the two parties) are clearly defined, and taking reasonable effort to ensure that the DNC Registry results that they received from the outsourced party are valid and have not been tampered with.

Organisations that use third-party aggregators to check telephone numbers against the DNC Registry should be aware that it is their organisations, and not the aggregators, that will be liable under the PDPA should the aggregator fail to indicate a phone number is listed on the DNC Registry.

If you require clarifications on the DNC Registry, please contact us here.